On Tue, 2014-06-17 at 15:23 -0400, Rob Crittenden wrote: > Simo Sorce wrote: > > On Tue, 2014-06-17 at 17:59 +0200, thierry bordaz wrote: > >> * ipa stageuser-add <login> --from-delete > >> > >> It moves a deleted entry to staging container where > >> > >> uidNumber: <unchanged, so it is preserved from the > >> prevous active account> > >> gidNumber: <unchanged, so it is preserved from the > >> prevous active account> > >> ipaUniqueID: autogenerate (reset to autogenerate) > > > > Why are you resetting the unique id ? > > Read back a few in the thread. I suggested, perhaps incorrectly, that > given that there should be no more references to the user once they go > into deleted or staged, it may be ok to reset this value.
Well, let me reiterate, the deleted bucket is for those environments where they have a mandate (regulation, law, policy, etc..) to never delete users and reinstate users if they are deleted. So all uniquely identifying information should be preserved in case the object is revived. This means we need to do our best to preserve all these attributes if we can. Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipafirstname.lastname@example.org https://www.redhat.com/mailman/listinfo/freeipa-devel